Denial Of Service (DoS)

pocketmine/pocketmine-mp is vulnerable to denial of service DoS. The vulnerability exists as InventoryTransactionPackets can be used to cause an exponential computation to occur through InventoryTransaction-findResultItem...

GHSA-8JQ6-W5CG-WM45 Exploitable inventory component chaining in PocketMine-MP

Impact Specially crafted InventoryTransactionPackets sent by malicious clients were able to exploit the behaviour of InventoryTransaction-findResultItem and cause it to take an abnormally long time to execute causing an apparent server freeze. The affected code is intended to compact conflicting...